Apple has released security updates for a zero-day vulnerability that affects iPhone, iPad, Mac and Apple Watch.The technology giant said iOS 14.8 for iPhones and iPads, as well as new updates for Apple Watch and macOS, will fix at least one vulnerability.
Last month,the zero-day flaw named as such since it gives companies zero days to roll out a fix took advantage of a flaw in Apple’s iMessage, which was exploited to push the Pegasus spyware, developed by Israeli firm NSO Group, to the activist’s phone.
The flaws exploited the latest iPhone software, both iOS 14.4 and later iOS 14.6. But also the exploit broke through new iPhone defenses that Apple had baked into iOS 14, dubbed BlastDoor, which were supposed to prevent silent attacks by filtering potentially malicious code.
The researchers said the exploit takes advantage of a weakness in how Apple devices render images on the display. The same ForcedEntry exploit works on all Apple devices running, until today, the latest software.
Apple pushed out the updates for the vulnerability, known officially as CVE-2021-30860.